CVE-2020-25340 – nfstream

Package

Manager: pip
Name: nfstream
Vulnerable Version: =5.2.0

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

EPSS: 0.00048 pctl0.1454

Details

NFStream Local Denial of Service (DoS) An issue was discovered in NFStream 5.2.0. Because some allocated modules are not correctly freed, if the nfstream object is directly destroyed without being used after it is created, it will cause a memory leak that may result in a local denial of service (DoS).

Metadata

Created: 2022-05-24T17:42:18Z
Modified: 2024-09-26T14:38:49Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-whmq-cfm5-j8mj/GHSA-whmq-cfm5-j8mj.json
CWE IDs: ["CWE-401", "CWE-770"]
Alternative ID: GHSA-whmq-cfm5-j8mj
Finding: F067
Auto approve: 1